Slashdot Mirror


Your License Is Your Interface

dp619 writes "License-free software has become a thing. Only 14.9% of repositories on GitHub have a license, according to recent Software Freedom Law Center research. Red Monk has observed that this trend is occurring principally among younger software developers. Outercurve Foundation technical evangelist Eric Schultz has offered up his opinion, saying, 'As an active developer I want to add a slightly different perspective on the dangers of releasing unlicensed software. My perspective is based on a simple phrase: "Your License Is Your Interface."' He adds, 'A license similarly defines the interaction between the software, or more precisely the creators of the software, and users. Just like an interface, a license defines intended behavior of users of the software, such as the four essential freedoms or the ten pillars of the Open Source Definition. Just like an interface, a license prevents unintended behavior of users of the software, which depending on the open source license, may disclaim the original author of liability for use of the software, prohibit redistribution without recognizing the original author or prohibit distribution of derivatives under a more restrictive license. When it comes to legal use and distribution of your software, your license IS your interface.'"

7 of 356 comments

  1. Danger by Anonymous Coward · Score: 5, Insightful

    "different perspective on the dangers of releasing unlicensed software."

    Technically, you cannot release unlicensed software. Sure, go ahead and post it to a public repository, but without an explicit license, copyright law forbids anyone else to make use of it. So you haven't really released it, just posted it out there to tease people.

    If you don't want to pick one and you don't care, at least say something like "released to the public domain" to make it explicit. (This option isn't available in all countries, though.)

  2. Re:and if license picking were mandatory... by Anonymous Coward · Score: 5, Interesting

    I know that posts like this always get modded down by OSS-fanatics, but it is true. If I was to write a small piece of software and wanted people to actually use it, I would never release as GPL. Every company I've worked for refuses to use GPL code, at least for some kinds of applications.

    Release as BSD or similar with a warranty disclaimer and be done with it. That way it might actually be widely useful. Pretty much every industry-standard de-facto library I can think of is BSD licensed, such as OpenSSL. If OpenSSL was GPL, no one would use it.

  3. Then you're stuck with GitHub's terms. by Animats · Score: 5, Interesting

    Here's what GitHub says in their terms of service:

    We claim no intellectual property rights over the material you provide to the Service. Your profile and materials uploaded remain yours. However, by setting your pages to be viewed publicly, you agree to allow others to view your Content. By setting your repositories to be viewed publicly, you agree to allow others to view and fork your repositories.

    That creates some interesting issues. When someone "forks" something, what rights do they have?

    I suspect that many people not specifying a license for what they put on GitHub just assume GitHub owns everything.

  4. Re:and if license picking were mandatory... by Lunix Nutcase · Score: 5, Insightful

    Obscurity is a perfectly valid layer of security as long as the security mechanism's integrity is not based solely on that obscurity. Just because certain information can be made public about a security system without damaging its integrity as a whole does not mean you necessarily should make that information public. Bruce Schneier even says so himself:

    Kerckhoffs' Principle is just one half of the decision process. Just because security does not require that something be kept secret, it doesn't mean that it is automatically smart to publicize it.

    From: http://www.schneier.com/crypto-gram-0205.html#1

  5. Re:and if license picking were mandatory... by Dogtanian · Score: 5, Insightful

    I know that posts like this always get modded down by OSS-fanatics, but it is true. If I was to write a small piece of software and wanted people to actually use it, I would never release as GPL. [.. blah blah..] Release as BSD or similar with a warranty disclaimer and be done with it. [..blah blah..]

    Or perhaps they're modded down because anyone outside the GPL vs. BSD zealotry sees them for what they are- the tedious and inevitable tendency of fanatics on either side to steer any vaguely license-related discussion into being yet another tedious identikit rehash of the GPL vs. BSD holy war.

    As I already said

    Never mind that we've had this discussion countless times before and every possible debating point and issue has been raised and discussed exhaustively a million times. Never mind that the chances of any new insight coming out of the billionth tedious discussion of this long-established subject is next to nothing. Never mind that those involved on both sides feel the need to repeat the same entrenched positions- which mostly come down to personal philosophy and not an incomplete understanding of the issues (which everyone knows full well by now) and will therefore be unlikely to change in the face of the discussion... not that this was the point anyway.

    No, the point is that those involved in every one of these pointless rehashes of the exact same to-ing and fro-ing and restatements of the same old facts and arguments on both sides know this damn well, but can't rein in their desire to indulge in the argument yet again.

    --
    "Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).

  6. obfuscation != secrets by Chirs · Score: 5, Informative

    The definition of obfuscation is to confuse, bewilder, or stupefy, or to make obscure or unclear.

    In security, the normal rule is that the algorithm chosen should still be secure _even if the attacker knows what it is_.

    On the other hand, passwords, crypto keys, etc. are all pieces of data that are secrets. This is a very different thing from obscure.

  7. Re: and if license picking were mandatory... by Mabhatter · Score: 5, Insightful

    A better example is that "no man dies without a will". If YOU don't make one OTHER PEOPLE's Lawyers will.

    The same applies to software licenses. If you are not using LAWYERS to write a license before publishing, then you're ignorant not to pick an OSI-approved license. The list is long enough to be useful, and the OSI approved licenses have enough establishment legally as "reasonable and customary" "industry standards" that there is LOTS of stuff written about the technicalities and interactions that real lawyers have done lots of work on.

    Otherwise, you are just waiting to be a victim of some corporate lawyer hijacking your stuff.